๐ก๏ธ Microsoft Defender Recommendations for Apply System Updates are not completed๐ขโช
- Contextual name: ๐ก๏ธ Recommendations for Apply System Updates are not completed๐ขโช
- ID:
/ce/ca/azure/microsoft-defender/recommendations-for-apply-system-updates - Tags:
- โช Impossible policy
- ๐ข Policy with categories
- ๐ข Policy with type
- Policy Type:
COMPLIANCE_POLICY - Policy Categories:
SECURITY
Descriptionโ
Descriptionโ
Ensure that the latest OS patches for all virtual machines are applied.
Rationaleโ
Windows and Linux virtual machines should be kept updated to:
- Address a specific bug or flaw
- Improve an OS or applicationโs general stability
- Fix a security vulnerability
Microsoft Defender for Cloud retrieves a list of available security and critical updates from Windows Update or Windows Server Update Services (WSUS), depending on which service is configured on a Windows VM. The security center also checks for the latest updates in Linux systems. If a VM is missing a system update, the security center will recommend system updates be applied.
Impactโ
Running Microsoft Defender for Cloud incurs additional charges for each resource monitored. Please see attached reference for exact charges per hour.
Auditโ
From Azure Portalโ
- From Azure Home select the Portal Menu.
- Select
Microsoft Defender for Cloud.- Then the
Recommendationsblade.- Ensure that there are no recommendations for
Apply system updates.... see more
Remediationโ
Remediationโ
Follow Microsoft Azure documentation to apply security patches from the security center. Alternatively, you can employ your own patch assessment and management tool to periodically assess, report, and install the required security patches for your OS.
policy.yamlโ
Linked Framework Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| ๐ผ CIS Azure v2.1.0 โ ๐ผ 2.1.12 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed' - Level 1 (Automated) | 1 | no data | |||
| ๐ผ CIS Azure v3.0.0 โ ๐ผ 3.1.10 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed' (Automated) | 1 | no data | |||
| ๐ผ CIS Azure v4.0.0 โ ๐ผ 9.1.10 Ensure that Microsoft Defender for Cloud is configured to check VM operating systems for updates (Automated) | 1 | no data | |||
| ๐ผ Cloudaware Framework โ ๐ผ Microsoft Defender Configuration | 26 | no data |